Beta2 Static Code Analysis Problem: why doesn't the SQL injection security rule work?

VS Team Developer Beta 2 shipped with an unfortunate problem that disables several interesting FxCop checks for managed binaries. One such rule is the security check 'Review SQL queries for security vulnerabilities' that detects hard-coded string literals used as SQL queries.

There is a simple workaround to get this analysis up and running. In the FxCop binary subdirectory (e.g., "C:\Program Files\Microsoft Visual Studio 8\Team Tools\Static Analysis Tools\FxCop"), create a new subdirectory named Repository. Create a new file inside this subdirectory named index.xml. Add the following content to that file:

<TypeIndex />

After doing this, the FxCop check should subsequently work within the VS IDE.

Michael Fanning
VSTS Development: Static Analysis

[810 byte] By [MichaelFanning-MS] at [2008-1-12]
